智能安评系统后端
blame | 历史 | 补丁 | 提交 | 提交对比 | 忽略空白
kongzy
2024-07-12 28aaf2ffa1dbb860a292ba330a7e9362e60e7832 
 assess-common/src/main/java/com/gkhy/assess/common/utils/JwtTokenUtil.java


@@ -6,10 +6,12 @@


import com.auth0.jwt.JWTVerifier;


import com.auth0.jwt.algorithms.Algorithm;


import com.auth0.jwt.exceptions.JWTDecodeException;


import com.auth0.jwt.interfaces.Claim;


import com.auth0.jwt.interfaces.DecodedJWT;


import com.fasterxml.jackson.databind.ObjectMapper;


import com.gkhy.assess.common.api.CommonResult;


import com.gkhy.assess.common.exception.ApiException;


import io.swagger.models.auth.In;


import org.apache.commons.lang3.StringUtils;


import org.apache.shiro.crypto.hash.Md5Hash;


import org.slf4j.Logger;


@@ -21,6 +23,8 @@


import java.io.IOException;


import java.io.OutputStream;


import java.util.Date;


import java.util.HashMap;


import java.util.Map;




/**


 * JwtToken生成的工具类


@@ -45,7 +49,7 @@


    public static String tokenHead="";




    /**Token有效期为1天(Token在reids中缓存时间为两倍)  单位ms*/


    public static final long EXPIRATION=(1 * 24) * 60 * 60 * 1000;  //JWT的超期限时间(60*60*24*1)


    public static final long EXPIRATION=(1 *12) * 60 * 60 * 1000;  //JWT的超期限时间(60*60*24*1)




    /**


     * token有效期还有30分钟,刷新token  单位ms


@@ -59,10 +63,11 @@


     * @param secret  用户密码


     * @return


     */


    public static boolean verify(String token,String username,String secret){


    public static boolean verify(String token,String username,String secret,Integer identity){


        try {


            Algorithm algorithm = Algorithm.HMAC256(secret);


            JWTVerifier verifier = JWT.require(algorithm).withClaim("username", username).build();


            JWTVerifier verifier = JWT.require(algorithm).withClaim("username", username)


                    .withClaim("identity",identity).build();


            DecodedJWT jwt = verifier.verify(token);


            return true;


        }catch (Exception e){


@@ -71,11 +76,12 @@


    }






    public static boolean isNeedUpdate(String token,String username,String secret){


    public static boolean isNeedUpdate(String token, String username, String secret,Integer identity){


        Date expertsAt =null;


        try {


            Algorithm algorithm = Algorithm.HMAC256(secret);


            JWTVerifier verifier = JWT.require(algorithm).withClaim("username", username).build();


            JWTVerifier verifier = JWT.require(algorithm).withClaim("username", username)


                    .withClaim("identity",identity).build();


            expertsAt = verifier.verify(token).getExpiresAt();


        }catch (Exception e){


            throw new ApiException("token非法无效");


@@ -99,15 +105,32 @@


    }




    /**


     * 获取token中的信息  无需secret解密也能获得


     * @param token


     * @return


     */


    public static Integer getIdentity(String token){


        try {


            DecodedJWT jwt = JWT.decode(token);


            return jwt.getClaim("identity").asInt();


        }catch (JWTDecodeException e){


            return null;


        }


    }








    /**


     * 生成签名


     * @param username


     * @param secret


     * @return


     */


    public static String sign(String username,String secret){


        Date date=new Date(System.currentTimeMillis()+EXPIRATION*1000);


    public static String sign(String username,String secret,Integer identity){


        Date date=new Date(System.currentTimeMillis()+EXPIRATION);


        Algorithm algorithm=Algorithm.HMAC256(secret);


        return JWT.create().withClaim("username",username).withExpiresAt(date).sign(algorithm);


        return JWT.create().withClaim("username",username)


                .withClaim("identity",identity).withExpiresAt(date).sign(algorithm);


    }




    /**